As many as 1.2 million accounts from dating site BeautifulPeople.com have been compromised due to a breach last year, as news of their sale in the online black market has surfaced. Troy Hunt, creator of website Haveibeenpwned.com, which helps to identify victims of virtual breaches, discovered the sale early on, noting that information such as “names, passwords, sexual orientations, beauty ratings, dates of birth, drinking habits, education levels, email addresses, income levels, job titles, and other data” were all listed. SCMagazine has confirmed the breach, that the only customers involved were those who provided data prior to July 2015, and that “All impacted members are, of course, being notified once again.”
Initial discoverer of the sale, MacKeeper Security Researcher Chris Vickery, claims that the information was unprotected and easily accessible by an IP address when he first found it and that “the dating website simply published an open database into the world that was accessible to anyone with the IP address.” In all likelihood, the hackers could have simply downloaded the information directly from BeautifulPeople.com. Though the website claims that it was only a test server that was compromised, Vickery insists that “The server may have indeed been a ‘test,’ BUT they put real data into this ‘test’ server.”